Project

General

Profile

Feature #1337

VLANs with different MAC address than parent interface

Added by Ermal Luçi over 9 years ago. Updated over 1 year ago.

Status:
Assigned
Priority:
Normal
Assignee:
Renato Botelho
Category:
Interfaces
Target version:
2.5.0
Start date:
03/08/2011
Due date:
% Done:

0%

Estimated time:

Description

In FreeBSD it is possible to host an vlan(4) with a different mac address from the parent.
This needs the parent interface in promiscuous mode, which at present days is not much of a issue.

Linked report here http://forum.pfsense.org/index.php/topic,34094.0.html.

Possibly an option should be given to people activate this issue.

Associated revisions

Revision 4cd8424a (diff)
Added by Renato Botelho almost 2 years ago

Revert ticket #1337

FreeBSD is not happy with simple set VLAN to use a different MAC
address. Revert it for now and prevent users to change VLAN interface
MAC address.

History

#1 Updated by Chris Buechler about 4 years ago

  • Subject changed from Vlan with different mac address than parent interface to VLANs with different MAC address than parent interface

#2 Updated by Renato Botelho almost 2 years ago

  • Status changed from New to This Sprint
  • Assignee set to Renato Botelho
  • Target version set to 2.4.4

#3 Updated by Renato Botelho almost 2 years ago

  • Status changed from This Sprint to Feedback

#4 Updated by Steve Beaver almost 2 years ago

  • Status changed from Feedback to This Sprint

James Dekker [6:49 PM]
With SG-5100 and XG-2758 on `2.4.4.a.20180824.1144` (which isn't the latest build, but should include whatever the fix was on `1337`) .. added a VLAN, assigned it as an interface with a static IP on both appliances, enabled the parent interface (no IP set, just enabled so the VLANs could use the interfaces) ... added a allow any rule on the VLAN interface on both pfSense. From either pfSense, I could ping the other. Then on one, I spoofed the VLAN interface mac as `DE:AD:BE:EF:CA:FE`, went to ping and now it fails. Remove the spoofed MAC, pings succeed again.

I his a valid test?

#5 Updated by Renato Botelho almost 2 years ago

  • Status changed from This Sprint to In Progress

#6 Updated by Renato Botelho almost 2 years ago

  • Status changed from In Progress to Assigned
  • Target version changed from 2.4.4 to 48

#7 Updated by Jim Pingle over 1 year ago

  • Target version changed from 48 to 2.5.0

Also available in: Atom PDF